As the law of averages goes, high-net-worth individuals tend to be older and cyber-criminals tend to be younger.
These facts alone expose a technology chasm which is being exploited at a huge financial cost to wealthy individuals who are being taken advantage by cyber-criminals.
Whilst companies are slowly but surely putting in place increased security measures to protect their businesses from the risk of cyber-attack, wealthy individuals tend not to have the same access to IT risk solutions. The cyber threat remains and whilst media headlines are focussed on cyber-attacks within businesses, the message is not always being received by those people who are particularly at risk. High-net-worth individuals and their families have become alluring potential targets for those wishing to inflict a cyber-attack.
Indications are that the risk to a high-net-worth individual is considerably higher than the risk to average internet user, simply due to the targeting of those with a greater asset base. In fact, a recent report highlights that 28% of international high-net-worth families have fallen victim to a cyber-attack, with one family having lost $10m through a cyber incident.
Historically, identity theft is the most prevalent threat in the high-wealth space but the types of attacks are evolving as the possibility of ill-gotten gains increases. Other cyber-attacks gaining notoriety amongst high-net-worth individuals include:
- social engineering. Criminals hack into email accounts, posing as legitimate participants (perhaps a financial adviser, family member or personal assistant) and fraudulently manipulate the transfer of funds to a criminal's account;
- the use of digital breadcrumb trails. Public profiles as well as social networking activity provide detailed and useful information that may be used to great effect by even the most amateur of cyber-criminals;
- extortion, with particular leverage around reputational damage; and
- security breaches of private jets and super yachts. This attack has particular appeal for ransom purposes but also due to the many connected devices which serve to transmit details on itineraries etc.
Quite apart from the malicious type of attacks referred to above, there is always the risk of human error or a behavioural issue when it comes to dealing with cyber security. Diligence, awareness and ongoing education are as vital within private homes as they are within the business context.
Traditional cyber policies haven't always responded well to the needs of high-net-worth individuals and their families: they have tended to focus on threats to organisations, such as business interruption or liability to third parties.
As the threats to wealthy individuals increase and mature, the insurance industry is responding in a more bespoke manner. Products are starting to emerge with a particular focus on this high-end market, taking account of the specific circumstances, lifestyles and needs. Watch this space.